Improving Robustness of Inter-Autonomous OpenFlow Network by Extending its Control Model
Othman Othman M.M., Koji Okamura
Kyushu University
Proceedings of the 33rd Asia-Pacific Advanced Network Meeting, Thailand, Chiang Mai, 2012/2/15

Outline:
• Goal.
• Motivation.
• An attempt to solve the problem.
• Network Equipment to Equipment flow installation.
• Steps for Flow delegation.
  • Flow Aggregation Algorithm.
  • Finding Equipment.
  • Programming flows & Security aspect.
  • Tunneling.
• Evaluation.
• Conclusion.

1- Goal:
• Improve OpenFlow.
• Support self-reactive behavior.
• Step towards having wider adoption of OpenFlow.
• Reduce load on controller.

2- Motivation:
• Tight coupling between OpenFlow switch and controller.
• Everything is up to the controller.
• Controller might be a bottleneck.
  • The NOX controller can install 30K flows/sec, as shown in [1], while the flow arrival rate in [2] is 100K flows per second.
  • Figures might have changed, but the debate is still going.

[1] Tavakoli, A., Casado, M., Koponen, T., & Shenker, S. Applying NOX to the Datacenter. Proc. HotNets (October 2009).
[2] Kandula, S., Sengupta, S., Greenberg, A., Patel, P., & Chaiken, R. (2009). The nature of data center traffic: measurements & analysis. Proceedings of the 9th ACM SIGCOMM conference on Internet measurement conference (pp. 202–208). ACM.

2- Motivation:
• Current OpenFlow's control model:
  • Controller to Equipment only: equipment exchanges information only with the controller.
• Current Internet:
  • Equipment to Equipment only: equipment exchanges information with each other.
• Target:
  • Controller to Equipment AND Equipment to Equipment: give OpenFlow the ability to exchange information between equipment, in addition to the controller.

Figure 1: OpenFlow Control Mode
Fig2. Regular Network Information exchange.
Figure 3: Enhanced OpenFlow Control Mode

2- Motivation:
• Why Equipment to Equipment can help:
  • Network edges are suitable for installing flows, since all incoming and outgoing packets must pass through them.
  • Network edges can be used in different applications, such as implementing security, traffic policies, traffic tagging, ...
  • However, the equipment's flow table is limited.
  • Also, the controller can be a bottleneck.
• Equipment to Equipment flow installation:
  • Provides a new method for overloaded equipment to act on its own, without involving the controller.

3- An attempt to solve the problem:
• Network equipment to network equipment flow programming:
  • To create a traffic-aware, self-reactive network.
  • Can be used to delegate some flows to less loaded network equipment.
  • To easily program the whole network without loading the controller.

3- Network Equipment to Equipment flow installation:
• To reduce load off the controller.
• Give the equipment the ability to act on its own to reduce load off loaded equipment.
• Alternative way to install flows to the whole network (e-e propagation).

Fig1. Equipment overloaded, due to many flows to carry out. (Figure label: flows to manipulate headers in packets.)
Fig2. Overloaded equipment delegates some flows to other equipment.
Fig3. Reduced load off the overloaded equipment.

4- Steps for Flow delegation:
Flowchart:
1. Start.
2. Need to delegate? (Yes / No)
3. (Yes) Find aggregatable flows and aggregate them.
4. Find equipment to program.
5. Program flows from step 3 to the equipment from step 4.
6. Tunnel aggregated flows from step 3 to the target equipment from step 4.
7. Finish.

4- Steps for Flow delegation: 1- Flow Aggregation Algorithm:
• How to delegate flows?
  • Aggregate flows that have common features and are responsible for some portion of traffic, i.e. aggregate many flows into one.
  • Delegate the aggregated flows to other equipment.
  • Use the Flow Aggregation Algorithm.
• Overloaded equipment flows = original flows – delegated flows.

Figure: Flow Table + range of portions of total traffic, e.g. (20%-30%) → Flow Aggregation Algorithm → aggregated flow (one or more).

4- Steps for Flow delegation: 1- Flow Aggregation Algorithm:
• TA-FAA: (flowchart)
  Start → Build histograms for all fields → Aggregation percentage? (None / Strict / Wide) → Aggregate SrcIP (None / Strict / Wide) → Aggregate DstIP (None / Strict / Wide) → Find common values from two wide aggregations (None, Wide / Strict) → Fail or Finish.
• TA-FAA Evaluation:
  • Java program to evaluate the efficiency of the Flow Aggregation Algorithm.
  • FAA success rate of aggregation = 79.7 %

4- Steps for Flow delegation: 2- Finding Equipment:
• Request is a kind of controlled flooding:
  • Limited propagation: the request carries a count of valid hops (TTL).
  • Limited number of acceptances (LFI: Level of Flow Installation).
  • Negative Acknowledgement.
  • Expiry time.
• 3-way programming method:
  • Request, Accept, Confirm.

Sequence diagram (participants: the delegating device, the device receiving delegation, other device receiving delegation):
• Delegating device → receiving device: Installation Request? Flows to be delegated. LFI=2, TTL=5.
• Receiving device → delegating device: Accept. Self identification.
• Delegating device → receiving device: Confirm.
• Receiving device → other device: Installation Request? Flows to be delegated. LFI=1, TTL=4.
• Other device → receiving device: Accept. Self identification.
• Receiving device → other device: Confirm.

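The controlled flooding above, simulated as an added example (not code from the presentation). Assumptions: TTL drops by one per hop and LFI by one per acceptance along a path, as in the LFI=2/TTL=5 then LFI=1/TTL=4 exchange; a device that refuses still forwards the request; each device handles a request once; expiry time is not modelled. The topology and device names are constructed.

```python
from collections import deque

def flood_request(topology, origin, can_accept, ttl=5, lfi=2):
    """Breadth-first propagation of an Installation Request.

    Returns (accepted, nacked): accepted holds (device, sender, ttl, lfi) with
    the counters as seen on arrival; nacked lists devices that refused.
    """
    seen = {origin}                      # assumption: a device handles a request once
    accepted, nacked = [], []
    queue = deque((n, origin, ttl, lfi) for n in topology[origin])
    while queue:
        dev, sender, ttl_in, lfi_in = queue.popleft()
        # Drop the copy if the hop budget or the acceptance budget is used up.
        if dev in seen or ttl_in <= 0 or lfi_in <= 0:
            continue
        seen.add(dev)
        if can_accept(dev):
            accepted.append((dev, sender, ttl_in, lfi_in))   # Accept, then Confirm
            lfi_out = lfi_in - 1
        else:
            nacked.append(dev)                               # Negative Acknowledgement
            lfi_out = lfi_in
        for n in topology[dev]:
            if n != sender:
                queue.append((n, dev, ttl_in - 1, lfi_out))
    return accepted, nacked

# Constructed topology: a chain s0-s1-s2-s3 with a side branch s4 at s1.
TOPOLOGY = {
    "s0": ["s1"],
    "s1": ["s0", "s2", "s4"],
    "s2": ["s1", "s3"],
    "s3": ["s2"],
    "s4": ["s1"],
}

if __name__ == "__main__":
    ok, refused = flood_request(TOPOLOGY, "s0", lambda d: d != "s4")
    for dev, sender, t, l in ok:
        print(f"{dev} accepted request from {sender} (TTL={t}, LFI={l})")
    print("NACK from:", refused)
```

Because LFI is tracked per path in this model, two branches can each accept up to the LFI limit; a network-wide cap would need extra state that the slides do not describe.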
4- Steps for Flow delegation: 3- Programming flows & Security aspect:
Figure 1: Initial Flow Installation.
Figure 2: Flow Delegation (e-e Flow Installation).
Figure labels: Request; Flow; Req. hash; 2's ID; Flow, 1's ID (Signed by Controller); Flow's Hash, 2's ID (Signed by Equipment 1); Signed by Equipment 2.

4- Steps for Flow delegation: 3- Programming flows & Security aspect:
• Why do that: the case where a flow includes sending packets to the controller.
  • The controller expects the packet from eq.1.
  • eq.2 uses the signed fields it got from eq.1, so the controller will accept.

Figure 1: Controller installs flow.
Figure 2: This flow was delegated.
Figure 3: Accepting packets from eq.2 instead of eq.1.
Figure labels: Flow, 1's ID (Signed by Controller); Flow's Hash, 2's ID (Signed by Equipment 1); Signed by Equipment 2; Expect packet from eq.1.

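The controller-side check described above, as an added example (not code from the presentation): the controller accepts a packet from eq.2 only when eq.2 presents the controller-signed (flow, 1's ID) record plus eq.1's signed (flow's hash, 2's ID) record. Assumptions: the slides name no signature scheme, so HMAC-SHA256 with per-device keys held by the controller stands in for the signatures; the record layout, key values and function names are hypothetical.

```python
import hashlib, hmac, json

# Constructed keys; HMAC stands in for the signatures on the slides (assumption).
KEYS = {"controller": b"k-ctl", "eq1": b"k-eq1", "eq2": b"k-eq2", "eq3": b"k-eq3"}

def _encode(obj):
    return json.dumps(obj, sort_keys=True).encode()

def flow_hash(flow):
    return hashlib.sha256(_encode(flow)).hexdigest()

def sign(signer, fields):
    mac = hmac.new(KEYS[signer], _encode(fields), hashlib.sha256).hexdigest()
    return {"signer": signer, "fields": fields, "sig": mac}

def valid(record):
    key = KEYS.get(record["signer"])
    if key is None:
        return False
    mac = hmac.new(key, _encode(record["fields"]), hashlib.sha256).hexdigest()
    return hmac.compare_digest(mac, record["sig"])

def install(flow, owner):
    """Controller -> equipment: (flow, owner's ID), signed by the controller."""
    return sign("controller", {"flow": flow, "owner": owner})

def delegate(flow, delegator, delegate_id):
    """Equipment -> equipment: (flow's hash, delegate's ID), signed by the delegator."""
    return sign(delegator, {"flow_hash": flow_hash(flow), "delegate": delegate_id})

def controller_accepts(sender, flow, chain):
    """True only if `chain` links `sender` back to the device the flow was installed on."""
    if not chain:
        return False
    root = chain[0]
    if root["signer"] != "controller" or not valid(root) or root["fields"].get("flow") != flow:
        return False
    holder = root["fields"].get("owner")
    for link in chain[1:]:
        # Each delegation must be signed by the current holder and bind this flow.
        if link["signer"] != holder or not valid(link):
            return False
        if link["fields"].get("flow_hash") != flow_hash(flow):
            return False
        holder = link["fields"].get("delegate")
    return holder == sender

# Constructed sample flow; the field names are illustrative.
FLOW = {"match": {"dst_ip": "10.0.0.0/24"}, "action": "send_to_controller"}
```

Binding the delegate's ID inside the signed record is what stops a third device from replaying eq.2's chain, and binding the flow's hash stops the chain from being reused for a different flow.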
4- Steps for Flow delegation: 4- Tunneling:
Fig1. Flows are stitched to form a path defined by the controller.
Fig2. Path might break because eq.2 expects packets from eq.1, or from the interface of eq.2 that connects it to eq.1.
• In such cases:
  • eq.4 has to tunnel packets to eq.2.
  • This is done using IP tagging (similar to a VLAN tag).
  • Also, eq.1 uses the aggregated flow (1 flow) to tunnel traffic to eq.4.

5- Evaluation:
• Run simulation on NS3 using:
  • Regular OpenFlow.
  • Modified OpenFlow.
• Collaboration for experimenting on NICT's JGN-X.
• Compare edge equipment load, all equipment load.
• Evaluate efficiency to reduce load.
• Evaluate traffic generated by the new enhancement.

6- Conclusion:
• Aim to improve OpenFlow by reducing load off the controller and making it self-aware and self-reactive.
• Achieving these goals by proposing new enhancements to OpenFlow:
  • Network equipment to equipment flow installation.
  • Proposing the Flow Aggregation Algorithm, to enable the enhancements.
• Simulation shows the success rate of FAA is 79.7 %

Q & A: • Thanks for listening.